[Ocf-linux-users] Question regarding the operation of AES 128 CBC mode with OCF
Brought to you by:
david-m
Menu
▾
▴
[Ocf-linux-users] Question regarding the operation of AES 128 CBC mode with OCF
|
From: Sundar S. <sun...@gm...> - 2011-11-25 07:40:37
|
Hi OCF guys, I have OCF framework along with the drivers built into the kernel and properly tested with crypto-tools (cmactest and cryptotest). My question is particularly about the AES 128 CBC mode. The cmactest.c under crypto-tools had test code for sha1 hmac and des hmac. I followed the same procedure for testing aes 128 cbc and it seemed to work. 1. First I open up a session with keylength and key, etc, 2. Secondly, encrypt a plain text with an IV. 3. Then decrypt the cipher text that is obtained in step two. 4. Close the session In CBC mode, the IV is fed only the first time. The encryption of forthcoming plaintext is done with the previous ciphertext as the IV. Should I keep the previous ciphertext somewhere in the userland application and feed it the next time as the IV for next encryption? Or this chaining is taken care by OCF/driver in the kernel? If it happens in the OCF in kernel space, then is it ok that i close the session for every encryption/decryption? I guess the session should be kept till all the encryption/decryption is over. Thanks in advance for clarification. Regards, Sundar |
